29 matches found
EUVD-2020-6528
Malware in sbrugna...
EUVD-2020-18304
Malware in sbrugna...
EUVD-2017-16529
Malware in sbrugna...
EUVD-2021-7690
Malicious code in bioql PyPI...
The vulnerability of the Red Hat 3scale API Management software lies in its improper handling of insufficient permissions or privileges, allowing a malicious actor to execute arbitrary code.
The vulnerability of the Red Hat 3scale API Management software lies in its improper handling of insufficient permissions or privileges. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
Red Hat 3scale Security Vulnerability
Red Hat 3scale is a suite of API Application Programming Interface lifecycle management software from Red Hat. A security vulnerability exists in Red Hat 3Scale that stems from an incompatibility between the use3scaleoidcissuerendpoint of the token introspection policy and RH-SSO 7.5 or later...
Important: Red Hat Enhancement Advisory: Red Hat 3scale API Management 2.13.7 Release - Container Images
Red Hat 3scale API Management 2.13.7 Release - Container Images Release of 3scale API Management components provides these changes:...
Moderate: Red Hat Security Advisory: Red Hat 3scale API Management 2.11.1 Release - Container Images
Red Hat 3scale API Management 2.11.1 Release - Container Images A security update for Red Hat 3scale API Management is now available from the Red Hat Container Catalog. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CV...
Design/Logic Flaw
A flaw was found in the Red Hat 3scale API Management Platform, where member permissions for an API's admin portal were not properly enforced. This flaw allows an authenticated user to bypass normal account restrictions and access API services where they do not have permission...
CVE-2020-14388
A flaw was found in the Red Hat 3scale API Management Platform, where member permissions for an API's admin portal were not properly enforced. This flaw allows an authenticated user to bypass normal account restrictions and access API services where they do not have permission...
CVE-2020-25634
A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials. This flaw allows an attacker to view sensitive information or modify service APIs. Versions before 3scale-2.10.0-ER1 are affected...
Design/Logic Flaw
A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials. This flaw allows an attacker to view sensitive information or modify service APIs. Versions before 3scale-2.10.0-ER1 are affected...
CVE-2020-25634
A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials. This flaw allows an attacker to view sensitive information or modify service APIs. Versions before 3scale-2.10.0-ER1 are affected...
Red Hat 3scale 跨站请求伪造漏洞
Red Hat 3scale is a suite of API Application Programming Interface lifecycle management software from Red Hat. A security vulnerability exists in 3scale that stems from the fact that the development portal login form does not validate CSRF tokens, and therefore does not protect against login CSRF...
PT-2021-11165 · Red Hat · Red Hat 3Scale
Name of the Vulnerable Software and Affected Versions: Red Hat 3scale versions prior to 3scale-2.10.0-ER1 Description: A flaw was found in Red Hat 3scale’s API documentation URL, allowing access without credentials. This issue enables an attacker to view sensitive information or modify service...
Moderate: Red Hat Security Advisory: Red Hat 3scale API Management 2.10.0 security update and release
A security update for Red Hat 3scale API Management Platform is now available from the Red Hat Container Catalog. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Red Hat 3scale API Management Platform Input Validation Error Vulnerability
Red Hat 3scale API Management Platform is an API management infrastructure platform from Red Hat. It enables rapid implementation of API sharing, protection, distribution, control, and monetization. An input validation error vulnerability exists in Red Hat 3scale API Management Platform that allo...
CVE-2021-20252
A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries allowing a malicious authenticated user to submit a request with a sufficiently large date range to eventually yield an internal...
Denial of service
A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries allowing a malicious authenticated user to submit a request with a sufficiently large date range to eventually yield an internal...
CVE-2021-20252
A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries allowing a malicious authenticated user to submit a request with a sufficiently large date range to eventually yield an internal...